How to Avoid Phishing Scams [Infographic]

Learn how to spot phishing scams and stay safe online.

Phishing scams are a common online threat that can lead to identity theft and financial losses. These scams can be difficult to spot, but there are steps you can take to protect yourself.

Signs of a Phishing Email

• Fake Invoices

People often fall for fake invoices in phishing scams. Scammers use common brands and images to make you feel like a reputable company is contacting you. If you receive a fake invoice, contact the sender to verify the email.

• Communication

Scammers often use trustworthy communication tactics. For instance, they might add “FW” or “RE” to the email subject line.

• Strong Emotions

It’s common for scammers to use urgent or threatening language to get your attention. Before you take action, read the email carefully. They may claim that you need to act quickly to avoid a problem. Look for words that create a sense of urgency such as, “Caution”, “Act Now” or “Warning”.

• Impersonation

Impersonation phishing scams typically involve a fraudster posing as a trusted individual or organization to gain your trust. For example, an impersonation email may appear to be from a well-known company such as Amazon or PayPal, requesting that you update your account information or verify your identity. Scammers may also disguise themselves as the IRS or other tax agencies and contact you regarding refunds, your filing status, personal information, or PIN information.

Phishing scams infographic

How to Protect Yourself:

  1. Use Caution

    Remember to use caution before you click a link, download attachments, or share private information.
  2. Do Not Allow Macros

    Scammers often send Microsoft Office files that contain macros to deliver malware. Never allow macros if you’re prompted by an Office application. If you enable macros, your network could be compromised.
  3. Never Download

    Unless you know the sender, never download files attached to an email or sent via hyperlink.
  4. Keep Your Password Private

    Never share your password with another person. Legitimate companies will never ask you to reveal sensitive information.

By following these best practices, you can help protect yourself from the consequences of a phishing attack. If you suspect you have received a phishing email or message, report it to the FTC at

The information provided in these articles is intended for informational purposes only. It is not to be construed as the opinion of Central Bancompany, Inc., and/or its subsidiaries and does not imply endorsement or support of any of the mentioned information, products, services, or providers. All information presented is without any representation, guaranty, or warranty regarding the accuracy, relevance, or completeness of the information.